fingerprint-mcp 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +663 -0
- package/README.ar.md +767 -0
- package/README.bn.md +767 -0
- package/README.bs.md +767 -0
- package/README.da.md +767 -0
- package/README.de.md +770 -0
- package/README.el.md +767 -0
- package/README.es.md +769 -0
- package/README.fr.md +769 -0
- package/README.hi.md +767 -0
- package/README.it.md +767 -0
- package/README.ja.md +767 -0
- package/README.ko.md +772 -0
- package/README.md +767 -0
- package/README.no.md +767 -0
- package/README.pl.md +767 -0
- package/README.pt-BR.md +767 -0
- package/README.ru.md +767 -0
- package/README.th.md +767 -0
- package/README.tr.md +767 -0
- package/README.uk.md +767 -0
- package/README.vi.md +767 -0
- package/README.zh-TW.md +768 -0
- package/README.zh.md +768 -0
- package/dist/app/index.d.ts +3 -0
- package/dist/app/index.d.ts.map +1 -0
- package/dist/app/index.js +614 -0
- package/dist/app/index.js.map +1 -0
- package/dist/composite/analyze.d.ts +3 -0
- package/dist/composite/analyze.d.ts.map +1 -0
- package/dist/composite/analyze.js +59 -0
- package/dist/composite/analyze.js.map +1 -0
- package/dist/composite/correlate.d.ts +3 -0
- package/dist/composite/correlate.d.ts.map +1 -0
- package/dist/composite/correlate.js +184 -0
- package/dist/composite/correlate.js.map +1 -0
- package/dist/composite/enumerate.d.ts +3 -0
- package/dist/composite/enumerate.d.ts.map +1 -0
- package/dist/composite/enumerate.js +94 -0
- package/dist/composite/enumerate.js.map +1 -0
- package/dist/composite/helpers.d.ts +22 -0
- package/dist/composite/helpers.d.ts.map +1 -0
- package/dist/composite/helpers.js +111 -0
- package/dist/composite/helpers.js.map +1 -0
- package/dist/composite/index.d.ts +3 -0
- package/dist/composite/index.d.ts.map +1 -0
- package/dist/composite/index.js +29 -0
- package/dist/composite/index.js.map +1 -0
- package/dist/composite/meta.d.ts +3 -0
- package/dist/composite/meta.d.ts.map +1 -0
- package/dist/composite/meta.js +23 -0
- package/dist/composite/meta.js.map +1 -0
- package/dist/composite/osint.d.ts +3 -0
- package/dist/composite/osint.d.ts.map +1 -0
- package/dist/composite/osint.js +40 -0
- package/dist/composite/osint.js.map +1 -0
- package/dist/composite/recon.d.ts +3 -0
- package/dist/composite/recon.d.ts.map +1 -0
- package/dist/composite/recon.js +131 -0
- package/dist/composite/recon.js.map +1 -0
- package/dist/composite/scan-dns.d.ts +3 -0
- package/dist/composite/scan-dns.d.ts.map +1 -0
- package/dist/composite/scan-dns.js +44 -0
- package/dist/composite/scan-dns.js.map +1 -0
- package/dist/composite/scan-http.d.ts +3 -0
- package/dist/composite/scan-http.d.ts.map +1 -0
- package/dist/composite/scan-http.js +68 -0
- package/dist/composite/scan-http.js.map +1 -0
- package/dist/composite/scan-paths.d.ts +3 -0
- package/dist/composite/scan-paths.d.ts.map +1 -0
- package/dist/composite/scan-paths.js +32 -0
- package/dist/composite/scan-paths.js.map +1 -0
- package/dist/composite/scan-ports.d.ts +3 -0
- package/dist/composite/scan-ports.d.ts.map +1 -0
- package/dist/composite/scan-ports.js +79 -0
- package/dist/composite/scan-ports.js.map +1 -0
- package/dist/composite/scan-services.d.ts +3 -0
- package/dist/composite/scan-services.d.ts.map +1 -0
- package/dist/composite/scan-services.js +111 -0
- package/dist/composite/scan-services.js.map +1 -0
- package/dist/composite/scan-tls.d.ts +3 -0
- package/dist/composite/scan-tls.d.ts.map +1 -0
- package/dist/composite/scan-tls.js +32 -0
- package/dist/composite/scan-tls.js.map +1 -0
- package/dist/composite/scan-waf.d.ts +3 -0
- package/dist/composite/scan-waf.d.ts.map +1 -0
- package/dist/composite/scan-waf.js +35 -0
- package/dist/composite/scan-waf.js.map +1 -0
- package/dist/correlation/index.d.ts +3 -0
- package/dist/correlation/index.d.ts.map +1 -0
- package/dist/correlation/index.js +1044 -0
- package/dist/correlation/index.js.map +1 -0
- package/dist/data/analytics-patterns.d.ts +21 -0
- package/dist/data/analytics-patterns.d.ts.map +1 -0
- package/dist/data/analytics-patterns.js +449 -0
- package/dist/data/analytics-patterns.js.map +1 -0
- package/dist/data/app-signatures.d.ts +52 -0
- package/dist/data/app-signatures.d.ts.map +1 -0
- package/dist/data/app-signatures.js +1143 -0
- package/dist/data/app-signatures.js.map +1 -0
- package/dist/data/c2-signatures.d.ts +54 -0
- package/dist/data/c2-signatures.d.ts.map +1 -0
- package/dist/data/c2-signatures.js +256 -0
- package/dist/data/c2-signatures.js.map +1 -0
- package/dist/data/cloud-ranges.d.ts +34 -0
- package/dist/data/cloud-ranges.d.ts.map +1 -0
- package/dist/data/cloud-ranges.js +628 -0
- package/dist/data/cloud-ranges.js.map +1 -0
- package/dist/data/cookie-patterns.d.ts +28 -0
- package/dist/data/cookie-patterns.d.ts.map +1 -0
- package/dist/data/cookie-patterns.js +225 -0
- package/dist/data/cookie-patterns.js.map +1 -0
- package/dist/data/error-signatures.d.ts +19 -0
- package/dist/data/error-signatures.d.ts.map +1 -0
- package/dist/data/error-signatures.js +321 -0
- package/dist/data/error-signatures.js.map +1 -0
- package/dist/data/favicon-hashes.d.ts +25 -0
- package/dist/data/favicon-hashes.d.ts.map +1 -0
- package/dist/data/favicon-hashes.js +249 -0
- package/dist/data/favicon-hashes.js.map +1 -0
- package/dist/data/h2-signatures.d.ts +50 -0
- package/dist/data/h2-signatures.d.ts.map +1 -0
- package/dist/data/h2-signatures.js +211 -0
- package/dist/data/h2-signatures.js.map +1 -0
- package/dist/data/header-order.d.ts +38 -0
- package/dist/data/header-order.d.ts.map +1 -0
- package/dist/data/header-order.js +185 -0
- package/dist/data/header-order.js.map +1 -0
- package/dist/data/jarm-signatures.d.ts +25 -0
- package/dist/data/jarm-signatures.d.ts.map +1 -0
- package/dist/data/jarm-signatures.js +213 -0
- package/dist/data/jarm-signatures.js.map +1 -0
- package/dist/data/saas-patterns.d.ts +23 -0
- package/dist/data/saas-patterns.d.ts.map +1 -0
- package/dist/data/saas-patterns.js +139 -0
- package/dist/data/saas-patterns.js.map +1 -0
- package/dist/data/sensitive-paths.d.ts +12 -0
- package/dist/data/sensitive-paths.d.ts.map +1 -0
- package/dist/data/sensitive-paths.js +1539 -0
- package/dist/data/sensitive-paths.js.map +1 -0
- package/dist/data/service-banners.d.ts +59 -0
- package/dist/data/service-banners.d.ts.map +1 -0
- package/dist/data/service-banners.js +323 -0
- package/dist/data/service-banners.js.map +1 -0
- package/dist/data/smtp-signatures.d.ts +12 -0
- package/dist/data/smtp-signatures.d.ts.map +1 -0
- package/dist/data/smtp-signatures.js +350 -0
- package/dist/data/smtp-signatures.js.map +1 -0
- package/dist/data/takeover-patterns.d.ts +37 -0
- package/dist/data/takeover-patterns.d.ts.map +1 -0
- package/dist/data/takeover-patterns.js +249 -0
- package/dist/data/takeover-patterns.js.map +1 -0
- package/dist/data/tech-patterns.d.ts +44 -0
- package/dist/data/tech-patterns.d.ts.map +1 -0
- package/dist/data/tech-patterns.js +690 -0
- package/dist/data/tech-patterns.js.map +1 -0
- package/dist/data/waf-signatures.d.ts +21 -0
- package/dist/data/waf-signatures.d.ts.map +1 -0
- package/dist/data/waf-signatures.js +318 -0
- package/dist/data/waf-signatures.js.map +1 -0
- package/dist/dns/index.d.ts +3 -0
- package/dist/dns/index.d.ts.map +1 -0
- package/dist/dns/index.js +1067 -0
- package/dist/dns/index.js.map +1 -0
- package/dist/enum/index.d.ts +3 -0
- package/dist/enum/index.d.ts.map +1 -0
- package/dist/enum/index.js +818 -0
- package/dist/enum/index.js.map +1 -0
- package/dist/h2/index.d.ts +3 -0
- package/dist/h2/index.d.ts.map +1 -0
- package/dist/h2/index.js +414 -0
- package/dist/h2/index.js.map +1 -0
- package/dist/http/index.d.ts +3 -0
- package/dist/http/index.d.ts.map +1 -0
- package/dist/http/index.js +2444 -0
- package/dist/http/index.js.map +1 -0
- package/dist/identify/index.d.ts +3 -0
- package/dist/identify/index.d.ts.map +1 -0
- package/dist/identify/index.js +447 -0
- package/dist/identify/index.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +165 -0
- package/dist/index.js.map +1 -0
- package/dist/infra/index.d.ts +3 -0
- package/dist/infra/index.d.ts.map +1 -0
- package/dist/infra/index.js +989 -0
- package/dist/infra/index.js.map +1 -0
- package/dist/iot/index.d.ts +3 -0
- package/dist/iot/index.d.ts.map +1 -0
- package/dist/iot/index.js +610 -0
- package/dist/iot/index.js.map +1 -0
- package/dist/meta/index.d.ts +3 -0
- package/dist/meta/index.d.ts.map +1 -0
- package/dist/meta/index.js +442 -0
- package/dist/meta/index.js.map +1 -0
- package/dist/osint/index.d.ts +3 -0
- package/dist/osint/index.d.ts.map +1 -0
- package/dist/osint/index.js +687 -0
- package/dist/osint/index.js.map +1 -0
- package/dist/passive/index.d.ts +3 -0
- package/dist/passive/index.d.ts.map +1 -0
- package/dist/passive/index.js +944 -0
- package/dist/passive/index.js.map +1 -0
- package/dist/path/index.d.ts +3 -0
- package/dist/path/index.d.ts.map +1 -0
- package/dist/path/index.js +878 -0
- package/dist/path/index.js.map +1 -0
- package/dist/protocol/mcp-server.d.ts +4 -0
- package/dist/protocol/mcp-server.d.ts.map +1 -0
- package/dist/protocol/mcp-server.js +32 -0
- package/dist/protocol/mcp-server.js.map +1 -0
- package/dist/protocol/tools.d.ts +3 -0
- package/dist/protocol/tools.d.ts.map +1 -0
- package/dist/protocol/tools.js +5 -0
- package/dist/protocol/tools.js.map +1 -0
- package/dist/service/index.d.ts +3 -0
- package/dist/service/index.d.ts.map +1 -0
- package/dist/service/index.js +1053 -0
- package/dist/service/index.js.map +1 -0
- package/dist/smtp/index.d.ts +3 -0
- package/dist/smtp/index.d.ts.map +1 -0
- package/dist/smtp/index.js +437 -0
- package/dist/smtp/index.js.map +1 -0
- package/dist/ssh/index.d.ts +3 -0
- package/dist/ssh/index.d.ts.map +1 -0
- package/dist/ssh/index.js +676 -0
- package/dist/ssh/index.js.map +1 -0
- package/dist/tcp/index.d.ts +3 -0
- package/dist/tcp/index.d.ts.map +1 -0
- package/dist/tcp/index.js +369 -0
- package/dist/tcp/index.js.map +1 -0
- package/dist/timing/index.d.ts +3 -0
- package/dist/timing/index.d.ts.map +1 -0
- package/dist/timing/index.js +425 -0
- package/dist/timing/index.js.map +1 -0
- package/dist/tls/index.d.ts +3 -0
- package/dist/tls/index.d.ts.map +1 -0
- package/dist/tls/index.js +1332 -0
- package/dist/tls/index.js.map +1 -0
- package/dist/types/index.d.ts +26 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +8 -0
- package/dist/types/index.js.map +1 -0
- package/dist/utils/cache.d.ts +11 -0
- package/dist/utils/cache.d.ts.map +1 -0
- package/dist/utils/cache.js +35 -0
- package/dist/utils/cache.js.map +1 -0
- package/dist/utils/murmurhash3.d.ts +3 -0
- package/dist/utils/murmurhash3.d.ts.map +1 -0
- package/dist/utils/murmurhash3.js +57 -0
- package/dist/utils/murmurhash3.js.map +1 -0
- package/dist/utils/rate-limiter.d.ts +10 -0
- package/dist/utils/rate-limiter.d.ts.map +1 -0
- package/dist/utils/rate-limiter.js +35 -0
- package/dist/utils/rate-limiter.js.map +1 -0
- package/dist/utils/require-key.d.ts +2 -0
- package/dist/utils/require-key.d.ts.map +1 -0
- package/dist/utils/require-key.js +8 -0
- package/dist/utils/require-key.js.map +1 -0
- package/dist/waf/index.d.ts +3 -0
- package/dist/waf/index.d.ts.map +1 -0
- package/dist/waf/index.js +767 -0
- package/dist/waf/index.js.map +1 -0
- package/dist/web/index.d.ts +3 -0
- package/dist/web/index.d.ts.map +1 -0
- package/dist/web/index.js +1366 -0
- package/dist/web/index.js.map +1 -0
- package/package.json +66 -0
package/README.da.md
ADDED
|
@@ -0,0 +1,767 @@
|
|
|
1
|
+
<p align="center">
|
|
2
|
+
<a href="README.md">English</a> |
|
|
3
|
+
<a href="README.zh.md">简体中文</a> |
|
|
4
|
+
<a href="README.zh-TW.md">繁體中文</a> |
|
|
5
|
+
<a href="README.ko.md">한국어</a> |
|
|
6
|
+
<a href="README.de.md">Deutsch</a> |
|
|
7
|
+
<a href="README.es.md">Español</a> |
|
|
8
|
+
<a href="README.fr.md">Français</a> |
|
|
9
|
+
<a href="README.it.md">Italiano</a> |
|
|
10
|
+
<strong>Dansk</strong> |
|
|
11
|
+
<a href="README.ja.md">日本語</a> |
|
|
12
|
+
<a href="README.pl.md">Polski</a> |
|
|
13
|
+
<a href="README.ru.md">Русский</a> |
|
|
14
|
+
<a href="README.bs.md">Bosanski</a> |
|
|
15
|
+
<a href="README.ar.md">العربية</a> |
|
|
16
|
+
<a href="README.no.md">Norsk</a> |
|
|
17
|
+
<a href="README.pt-BR.md">Português (Brasil)</a> |
|
|
18
|
+
<a href="README.th.md">ไทย</a> |
|
|
19
|
+
<a href="README.tr.md">Türkçe</a> |
|
|
20
|
+
<a href="README.uk.md">Українська</a> |
|
|
21
|
+
<a href="README.bn.md">বাংলা</a> |
|
|
22
|
+
<a href="README.el.md">Ελληνικά</a> |
|
|
23
|
+
<a href="README.vi.md">Tiếng Việt</a> |
|
|
24
|
+
<a href="README.hi.md">हिन्दी</a>
|
|
25
|
+
</p>
|
|
26
|
+
|
|
27
|
+
<p align="center">
|
|
28
|
+
<br>
|
|
29
|
+
<picture>
|
|
30
|
+
<source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/badchars/fingerprint-mcp/main/.github/banner-dark.svg">
|
|
31
|
+
<source media="(prefers-color-scheme: light)" srcset="https://raw.githubusercontent.com/badchars/fingerprint-mcp/main/.github/banner-light.svg">
|
|
32
|
+
<img alt="fingerprint-mcp" src="https://raw.githubusercontent.com/badchars/fingerprint-mcp/main/.github/banner-dark.svg" width="700">
|
|
33
|
+
</picture>
|
|
34
|
+
</p>
|
|
35
|
+
|
|
36
|
+
<h3 align="center">Universel digital fingerprinting til AI-agenter.</h3>
|
|
37
|
+
|
|
38
|
+
<p align="center">
|
|
39
|
+
TCP, TLS/SSL, SSH, HTTP, DNS, WAF/CDN, IoT, SMTP, servicesondering, JARM, JA4X, favicon-hashing, infrastrukturtopologi, C2-detektion, OSINT-berigelse — samlet i en enkelt MCP-server.<br>
|
|
40
|
+
Din AI-agent far <b>fingerprinting i fuldt spektrum pa forlangende</b>, ikke 11 adskilte CLI-vaerktoejer og manuel korrelation.
|
|
41
|
+
</p>
|
|
42
|
+
|
|
43
|
+
<br>
|
|
44
|
+
|
|
45
|
+
<p align="center">
|
|
46
|
+
<a href="#problemet">Problemet</a> •
|
|
47
|
+
<a href="#hvordan-det-er-anderledes">Hvordan Det Er Anderledes</a> •
|
|
48
|
+
<a href="#hurtig-start">Hurtig Start</a> •
|
|
49
|
+
<a href="#hvad-aien-kan-goere">Hvad AI'en Kan Gore</a> •
|
|
50
|
+
<a href="#vaerktoejsreference-13-vaerktojer-103-teknikker">Vaerktojer (13)</a> •
|
|
51
|
+
<a href="#datakilder-21">Datakilder</a> •
|
|
52
|
+
<a href="#arkitektur">Arkitektur</a> •
|
|
53
|
+
<a href="CHANGELOG.md">Changelog</a> •
|
|
54
|
+
<a href="CONTRIBUTING.md">Bidrag</a>
|
|
55
|
+
</p>
|
|
56
|
+
|
|
57
|
+
<p align="center">
|
|
58
|
+
<a href="https://www.npmjs.com/package/fingerprint-mcp"><img src="https://img.shields.io/npm/v/fingerprint-mcp.svg" alt="npm"></a>
|
|
59
|
+
<a href="LICENSE"><img src="https://img.shields.io/badge/license-AGPL--3.0-blue.svg" alt="Licens"></a>
|
|
60
|
+
<img src="https://img.shields.io/badge/runtime-Bun-f472b6" alt="Bun">
|
|
61
|
+
<img src="https://img.shields.io/badge/protocol-MCP-8b5cf6" alt="MCP">
|
|
62
|
+
<img src="https://img.shields.io/badge/tools-13-ef4444" alt="13 Vaerktojer">
|
|
63
|
+
<img src="https://img.shields.io/badge/techniques-103-f97316" alt="103 Teknikker">
|
|
64
|
+
</p>
|
|
65
|
+
|
|
66
|
+
<p align="center">
|
|
67
|
+
<img src="https://raw.githubusercontent.com/badchars/fingerprint-mcp/main/.github/demo.gif" alt="fingerprint-mcp demo" width="800">
|
|
68
|
+
</p>
|
|
69
|
+
|
|
70
|
+
---
|
|
71
|
+
|
|
72
|
+
## Problemet
|
|
73
|
+
|
|
74
|
+
At fingerprinte en server i dag betyder at jonglere med et dusin adskilte vaerktojer. Du koerer `nmap` til portscanning, `testssl.sh` til certifikatanalyse, `curl -I` til HTTP-headere, `dig` til DNS, `wafw00f` til WAF-detektion, `ssh-audit` til SSH, et separat JARM-vaerktoj, Wappalyzer til teknologidetektion — og sa bruger du 30 minutter pa manuelt at krydsreferere alt i et regneark for at finde ud af, hvad der rent faktisk koerer.
|
|
75
|
+
|
|
76
|
+
```
|
|
77
|
+
Traditionel fingerprinting-arbejdsgang:
|
|
78
|
+
analyser TLS-certifikater -> testssl.sh / openssl s_client
|
|
79
|
+
hent HTTP-headere -> curl -I
|
|
80
|
+
detekter webteknologier -> wappalyzer CLI
|
|
81
|
+
DNS-rekognoscering -> dig / nslookup / dnsenum
|
|
82
|
+
portscanning -> nmap -sV
|
|
83
|
+
WAF-detektion -> wafw00f
|
|
84
|
+
SSH-audit -> ssh-audit
|
|
85
|
+
servicefingerprinting -> nmap scripts
|
|
86
|
+
JARM-fingerprint -> jarm (separat vaerktoj)
|
|
87
|
+
tjek OSINT-databaser -> shodan CLI, censys CLI
|
|
88
|
+
korreler alt -> manuelt i et regneark
|
|
89
|
+
──────────────────────────────
|
|
90
|
+
Total: 11 vaerktojer, 30+ minutter, manuel korrelation
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
**fingerprint-mcp** giver din AI-agent 13 sammensatte vaerktojer, der omslutter 103 fingerprinting-teknikker pa tvaers af 21 udbydere via [Model Context Protocol](https://modelcontextprotocol.io). Agenten koerer multi-lag fingerprinting parallelt, korrelerer signaler pa tvaers af TCP/TLS/HTTP/DNS/SSH-lag, detekterer honeypots og C2-infrastruktur og praesenterer et samlet efterretningsbillede — i en enkelt samtale.
|
|
94
|
+
|
|
95
|
+
```
|
|
96
|
+
Med fingerprint-mcp:
|
|
97
|
+
Du: "Lav en dyb rekognoscering pa target.com"
|
|
98
|
+
|
|
99
|
+
Agent: -> recon {url: "https://target.com", depth: "deep"}
|
|
100
|
+
|
|
101
|
+
-> TLS: nginx/1.24.0 via JARM (3fd21b20d00000...),
|
|
102
|
+
Let's Encrypt-certifikat, 2 SAN'er, TLS 1.2+1.3
|
|
103
|
+
-> HTTP: Express.js bag Cloudflare WAF,
|
|
104
|
+
React SPA, Google Analytics, 14 sikkerhedsheadere analyseret
|
|
105
|
+
-> DNS: A/AAAA/MX/TXT-poster, SPF/DKIM/DMARC konfigureret,
|
|
106
|
+
Slack + Google Workspace detekteret via CNAME/MX
|
|
107
|
+
-> Porte: 80, 443, 22 (OpenSSH 9.6), 8080 (udviklingsserver)
|
|
108
|
+
-> WAF: Cloudflare detekteret, oprindelse-IP opdaget via direkte forbindelse
|
|
109
|
+
-> Optaelling: 12 underdomaener via CT-logfiler, wildcard-DNS detekteret
|
|
110
|
+
-> "target.com koerer nginx/1.24.0 med Express.js bag
|
|
111
|
+
Cloudflare WAF. Oprindelse-IP 203.0.113.42 eksponeret pa port 8080.
|
|
112
|
+
TLS er korrekt konfigureret (A+ aequivalent), men udviklingsserveren
|
|
113
|
+
pa 8080 har ingen WAF-beskyttelse. 3 underdomaener peger pa
|
|
114
|
+
nedlagt infrastruktur — potentiel overtagelsesrisiko."
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
---
|
|
118
|
+
|
|
119
|
+
## Hvordan Det Er Anderledes
|
|
120
|
+
|
|
121
|
+
Eksisterende vaerktojer giver dig ra data et lag ad gangen. fingerprint-mcp giver din AI-agent evnen til at **raesonnere pa tvaers af alle fingerprinting-lag samtidigt**.
|
|
122
|
+
|
|
123
|
+
<table>
|
|
124
|
+
<thead>
|
|
125
|
+
<tr>
|
|
126
|
+
<th></th>
|
|
127
|
+
<th>Traditionel Tilgang</th>
|
|
128
|
+
<th>fingerprint-mcp</th>
|
|
129
|
+
</tr>
|
|
130
|
+
</thead>
|
|
131
|
+
<tbody>
|
|
132
|
+
<tr>
|
|
133
|
+
<td><b>Graenseflade</b></td>
|
|
134
|
+
<td>11 forskellige CLI-vaerktojer med forskellige outputformater</td>
|
|
135
|
+
<td>MCP — AI-agenten kalder vaerktojer konversationelt</td>
|
|
136
|
+
</tr>
|
|
137
|
+
<tr>
|
|
138
|
+
<td><b>Teknikker</b></td>
|
|
139
|
+
<td>Et vaerktoj, et lag ad gangen</td>
|
|
140
|
+
<td>103 teknikker pa tvaers af 21 udbydere, koert parallelt</td>
|
|
141
|
+
</tr>
|
|
142
|
+
<tr>
|
|
143
|
+
<td><b>TLS-analyse</b></td>
|
|
144
|
+
<td>testssl.sh-output, manuel JARM-parsing separat</td>
|
|
145
|
+
<td>Agenten kombinerer certifikat + JARM + JA4X + cipher suites + SNI + CT-logfiler i et kald</td>
|
|
146
|
+
</tr>
|
|
147
|
+
<tr>
|
|
148
|
+
<td><b>Korrelation</b></td>
|
|
149
|
+
<td>Kopier-indsaet resultater i et regneark</td>
|
|
150
|
+
<td>Agenten krydskorrelerer: "JARM matcher kendt C2-framework, HTTP-timing bekraefter honeypot"</td>
|
|
151
|
+
</tr>
|
|
152
|
+
<tr>
|
|
153
|
+
<td><b>WAF-bypass</b></td>
|
|
154
|
+
<td>wafw00f detekterer WAF, du leder manuelt efter oprindelse</td>
|
|
155
|
+
<td>Agenten detekterer WAF, opdager oprindelse-IP og verificerer, at den serverer det samme indhold</td>
|
|
156
|
+
</tr>
|
|
157
|
+
<tr>
|
|
158
|
+
<td><b>API-noegler</b></td>
|
|
159
|
+
<td>Kraevet til Shodan, Censys osv.</td>
|
|
160
|
+
<td>80+ aktive teknikker virker uden nogen API-noegler; noegler laaser OSINT-berigelse op</td>
|
|
161
|
+
</tr>
|
|
162
|
+
<tr>
|
|
163
|
+
<td><b>Opsaetning</b></td>
|
|
164
|
+
<td>Installer nmap, testssl, wafw00f, ssh-audit, jarm, wappalyzer...</td>
|
|
165
|
+
<td><code>npx fingerprint-mcp</code> — en kommando, nul konfiguration</td>
|
|
166
|
+
</tr>
|
|
167
|
+
</tbody>
|
|
168
|
+
</table>
|
|
169
|
+
|
|
170
|
+
---
|
|
171
|
+
|
|
172
|
+
## Hurtig Start
|
|
173
|
+
|
|
174
|
+
### Mulighed 1: npx (ingen installation)
|
|
175
|
+
|
|
176
|
+
```bash
|
|
177
|
+
npx fingerprint-mcp
|
|
178
|
+
```
|
|
179
|
+
|
|
180
|
+
Alle 80+ aktive fingerprinting-teknikker virker med det samme. Ingen API-noegler kraevet til TCP, TLS, SSH, HTTP, DNS, WAF, sti-, service-, timing-, IoT-, SMTP- og applikationsfingerprinting.
|
|
181
|
+
|
|
182
|
+
### Mulighed 2: Klon
|
|
183
|
+
|
|
184
|
+
```bash
|
|
185
|
+
git clone https://github.com/badchars/fingerprint-mcp.git
|
|
186
|
+
cd fingerprint-mcp
|
|
187
|
+
bun install
|
|
188
|
+
```
|
|
189
|
+
|
|
190
|
+
### Miljovariabler (valgfrie)
|
|
191
|
+
|
|
192
|
+
```bash
|
|
193
|
+
# OSINT-berigelse (alle valgfrie — aktiv fingerprinting virker uden nogen noegler)
|
|
194
|
+
export SHODAN_API_KEY=your-key # Aktiverer osint_shodan, ssh_hostkey_lookup
|
|
195
|
+
export CENSYS_API_ID=your-id # Aktiverer osint_censys (gratis: 250 forepoergsler/maned)
|
|
196
|
+
export CENSYS_API_SECRET=your-secret # Censys API-hemmelighed
|
|
197
|
+
export SECURITYTRAILS_API_KEY=your-key # Aktiverer waf_origin, enum_passive_dns
|
|
198
|
+
export VIRUSTOTAL_API_KEY=your-key # Aktiverer osint_virustotal (gratis: 500 forepoergsler/dag)
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
Alle API-noegler er valgfrie. Uden dem far du stadig fuld TCP/TLS/SSH/HTTP/DNS/WAF/sti/service/timing/IoT/SMTP/infrastruktur/applikations-fingerprinting, korrelation, passiv analyse, optaelling og metavaerktojer — 80+ teknikker der virker ved direkte at sondere malet.
|
|
202
|
+
|
|
203
|
+
### Forbind til din AI-agent
|
|
204
|
+
|
|
205
|
+
<details open>
|
|
206
|
+
<summary><b>Claude Code</b></summary>
|
|
207
|
+
|
|
208
|
+
```bash
|
|
209
|
+
# Med npx
|
|
210
|
+
claude mcp add fingerprint-mcp -- npx fingerprint-mcp
|
|
211
|
+
|
|
212
|
+
# Med lokal klon
|
|
213
|
+
claude mcp add fingerprint-mcp -- bun run /path/to/fingerprint-mcp/src/index.ts
|
|
214
|
+
```
|
|
215
|
+
|
|
216
|
+
</details>
|
|
217
|
+
|
|
218
|
+
<details>
|
|
219
|
+
<summary><b>Claude Desktop</b></summary>
|
|
220
|
+
|
|
221
|
+
Tilfoej til `~/Library/Application Support/Claude/claude_desktop_config.json`:
|
|
222
|
+
|
|
223
|
+
```json
|
|
224
|
+
{
|
|
225
|
+
"mcpServers": {
|
|
226
|
+
"fingerprint": {
|
|
227
|
+
"command": "npx",
|
|
228
|
+
"args": ["-y", "fingerprint-mcp"],
|
|
229
|
+
"env": {
|
|
230
|
+
"SHODAN_API_KEY": "optional",
|
|
231
|
+
"CENSYS_API_ID": "optional",
|
|
232
|
+
"CENSYS_API_SECRET": "optional",
|
|
233
|
+
"SECURITYTRAILS_API_KEY": "optional",
|
|
234
|
+
"VIRUSTOTAL_API_KEY": "optional"
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
```
|
|
240
|
+
|
|
241
|
+
</details>
|
|
242
|
+
|
|
243
|
+
<details>
|
|
244
|
+
<summary><b>Cursor / Windsurf / andre MCP-klienter</b></summary>
|
|
245
|
+
|
|
246
|
+
Samme JSON-konfigurationsformat. Peg kommandoen til `npx fingerprint-mcp` eller din lokale installationssti.
|
|
247
|
+
|
|
248
|
+
</details>
|
|
249
|
+
|
|
250
|
+
### Begynd at forepoerge
|
|
251
|
+
|
|
252
|
+
```
|
|
253
|
+
Du: "Fingerprint alt om target.com — TLS, HTTP-stak, WAF, DNS, abne porte"
|
|
254
|
+
```
|
|
255
|
+
|
|
256
|
+
Det er det. Agenten handterer multi-lag fingerprinting, signalkorrelation og infrastrukturanalyse automatisk.
|
|
257
|
+
|
|
258
|
+
---
|
|
259
|
+
|
|
260
|
+
## Hvad AI'en Kan Gore
|
|
261
|
+
|
|
262
|
+
### Hurtig Rekognoscering
|
|
263
|
+
|
|
264
|
+
```
|
|
265
|
+
Du: "Hurtig rekognoscering pa target.com"
|
|
266
|
+
|
|
267
|
+
Agent: -> recon {url: "https://target.com", depth: "quick"}
|
|
268
|
+
|
|
269
|
+
-> TCP: porte 80, 443, 22 abne
|
|
270
|
+
-> TLS: Let's Encrypt RSA-certifikat, TLS 1.2+1.3, nginx JARM-signatur
|
|
271
|
+
-> HTTP: nginx/1.24.0, Express.js, React, Cloudflare CDN
|
|
272
|
+
-> DNS: A 203.0.113.42, MX Google Workspace, SPF/DKIM konfigureret
|
|
273
|
+
-> WAF: Cloudflare detekteret (cf-ray header)
|
|
274
|
+
-> "target.com er en React SPA pa Express.js bag nginx/1.24.0,
|
|
275
|
+
serveret gennem Cloudflare CDN. TLS korrekt konfigureret med
|
|
276
|
+
Let's Encrypt. SSH pa port 22 koerer OpenSSH 9.6. E-mail
|
|
277
|
+
handteret af Google Workspace med fuld SPF/DKIM/DMARC."
|
|
278
|
+
```
|
|
279
|
+
|
|
280
|
+
### Dybdegaende TLS-Undersogelse
|
|
281
|
+
|
|
282
|
+
```
|
|
283
|
+
Du: "Analyser TLS-konfigurationen af suspicious-server.com i detaljer"
|
|
284
|
+
|
|
285
|
+
Agent: -> scan_tls {host: "suspicious-server.com"}
|
|
286
|
+
|
|
287
|
+
-> Certifikat: selvsigneret, CN=localhost, udlobet for 47 dage siden
|
|
288
|
+
-> JARM: 2ad2ad0002ad2ad00042d42d00000069d641f34fe76acdc05c40262f8815e5
|
|
289
|
+
(matcher Cobalt Strike standardprofil)
|
|
290
|
+
-> JA4X: fingerprint matcher kendt C2-framework-monster
|
|
291
|
+
-> Cipher suites: accepterer svage ciphers (RC4, 3DES)
|
|
292
|
+
-> SNI: svarer identisk pa enhver SNI-vaerdi
|
|
293
|
+
-> CT-logfiler: certifikat ikke logget (ikke offentligt betroet)
|
|
294
|
+
-> "HOJ RISIKO: TLS-konfiguration indikerer staerkt C2-infrastruktur.
|
|
295
|
+
Selvsigneret udlobet certifikat, JARM-fingerprint matcher Cobalt Strike,
|
|
296
|
+
accepterer svage ciphers og svarer pa vilkarlige SNI-vaerdier.
|
|
297
|
+
Anbefaler ojebliklig undersogelse og blokering."
|
|
298
|
+
```
|
|
299
|
+
|
|
300
|
+
### WAF-Bypass og Oprindelsesopdagelse
|
|
301
|
+
|
|
302
|
+
```
|
|
303
|
+
Du: "target.com er bag en WAF. Kan du finde oprindelsesserveren?"
|
|
304
|
+
|
|
305
|
+
Agent: -> scan_waf {url: "https://target.com"}
|
|
306
|
+
-> scan_dns {domain: "target.com"}
|
|
307
|
+
-> enumerate {domain: "target.com"}
|
|
308
|
+
|
|
309
|
+
-> WAF: Cloudflare (AS13335), udfordringsside pa mistanksomme anmodninger
|
|
310
|
+
-> DNS: A-post peger pa Cloudflare IP 104.21.x.x
|
|
311
|
+
-> Underdomaener: dev.target.com resolver til 203.0.113.42 (ikke-Cloudflare)
|
|
312
|
+
-> Direkte forbindelse til 203.0.113.42:443 returnerer samme TLS-certifikat
|
|
313
|
+
-> SecurityTrails historik: oprindelse var 203.0.113.42 for Cloudflare
|
|
314
|
+
-> "Oprindelse-IP fundet: 203.0.113.42. Opdaget via dev.target.com
|
|
315
|
+
underdomaene som omgar Cloudflare. Oprindelsen serverer det samme
|
|
316
|
+
TLS-certifikat og svarer pa target.com Host-headeren.
|
|
317
|
+
Oprindelsen har ingen WAF-beskyttelse — direkte adgang mulig."
|
|
318
|
+
```
|
|
319
|
+
|
|
320
|
+
### Serviceopdagelse pa en Vaert
|
|
321
|
+
|
|
322
|
+
```
|
|
323
|
+
Du: "Hvilke services koerer pa 10.0.1.50?"
|
|
324
|
+
|
|
325
|
+
Agent: -> scan_ports {host: "10.0.1.50"}
|
|
326
|
+
-> scan_services {host: "10.0.1.50", ports: [22, 80, 3306, 5432, 6379, 8080]}
|
|
327
|
+
|
|
328
|
+
-> Port 22: OpenSSH 8.9p1 Ubuntu, ED25519 vaertsnogle
|
|
329
|
+
-> Port 80: Apache/2.4.57, PHP/8.2, WordPress 6.4
|
|
330
|
+
-> Port 3306: MySQL 8.0.36, godkendelse kraevet
|
|
331
|
+
-> Port 5432: PostgreSQL 16.1, SSL kraevet
|
|
332
|
+
-> Port 6379: Redis 7.2.4, INGEN godkendelse (aben)
|
|
333
|
+
-> Port 8080: Node.js Express udviklingsserver, CORS: *
|
|
334
|
+
-> "KRITISK: Redis pa port 6379 har ingen godkendelse — enhver pa
|
|
335
|
+
netvaerket kan laese/skrive data. Express udviklingsserveren pa 8080
|
|
336
|
+
har wildcard CORS. MySQL og PostgreSQL kraever korrekt godkendelse.
|
|
337
|
+
WordPress er 2 mindre versioner bagud. Ojebliklig handling nodvendig
|
|
338
|
+
pa Redis og udviklingsservereksponering."
|
|
339
|
+
```
|
|
340
|
+
|
|
341
|
+
---
|
|
342
|
+
|
|
343
|
+
## Vaerktoejsreference (13 vaerktojer, 103 teknikker)
|
|
344
|
+
|
|
345
|
+
<details open>
|
|
346
|
+
<summary><b>recon — Fuld rekognoscering med dybdebaseret teknikvalg</b></summary>
|
|
347
|
+
|
|
348
|
+
| Parameter | Type | Beskrivelse |
|
|
349
|
+
|-----------|------|-------------|
|
|
350
|
+
| `url` | string | Mal-URL til fingerprinting |
|
|
351
|
+
| `depth` | `quick` \| `standard` \| `deep` | Scanningsdybde: quick=5 teknikker, standard=20, deep=50+ |
|
|
352
|
+
|
|
353
|
+
Orkestrerer teknikker fra alle udbydere baseret pa dybdeniveau. Hurtig tilstand giver et hurtigt overblik; dyb tilstand koerer udtommende fingerprinting inklusive optaelling, OSINT og korrelation.
|
|
354
|
+
|
|
355
|
+
</details>
|
|
356
|
+
|
|
357
|
+
<details>
|
|
358
|
+
<summary><b>scan_ports — TCP-portscanning med servicedetektion (3 teknikker)</b></summary>
|
|
359
|
+
|
|
360
|
+
| Parameter | Type | Beskrivelse |
|
|
361
|
+
|-----------|------|-------------|
|
|
362
|
+
| `host` | string | Malvaert (IP eller domaene) |
|
|
363
|
+
| `ports` | number[] | Valgfri — specifikke porte at scanne (standard: almindelige porte) |
|
|
364
|
+
|
|
365
|
+
| Teknik | Beskrivelse |
|
|
366
|
+
|--------|-------------|
|
|
367
|
+
| `tcp_probe` | TCP connect-scanning til at detektere abne porte |
|
|
368
|
+
| `tcp_banner` | Banner-opsamling pa abne porte til serviceidentifikation |
|
|
369
|
+
| `tcp_analysis` | Portkombinationsanalyse og serviceinferens |
|
|
370
|
+
|
|
371
|
+
</details>
|
|
372
|
+
|
|
373
|
+
<details>
|
|
374
|
+
<summary><b>scan_tls — Komplet TLS/SSL-analyse (8 teknikker)</b></summary>
|
|
375
|
+
|
|
376
|
+
| Parameter | Type | Beskrivelse |
|
|
377
|
+
|-----------|------|-------------|
|
|
378
|
+
| `host` | string | Malvaert (IP eller domaene) |
|
|
379
|
+
| `port` | number | Valgfri — TLS-port (standard: 443) |
|
|
380
|
+
|
|
381
|
+
| Teknik | Beskrivelse |
|
|
382
|
+
|--------|-------------|
|
|
383
|
+
| `tls_certificate` | X.509-certifikatparsing — emne, udsteder, SAN'er, gyldighed, kaede |
|
|
384
|
+
| `tls_jarm` | JARM aktiv fingerprinting — 10 TLS Client Hello-sonder, 62-tegns hash |
|
|
385
|
+
| `tls_ja4x` | JA4X passiv TLS-fingerprinting fra certifikategenskaber |
|
|
386
|
+
| `tls_ciphers` | Cipher suite-optaelling og styrkeanalyse |
|
|
387
|
+
| `tls_protocols` | Understottet TLS-protokolversionsdetektion (SSLv3 til TLS 1.3) |
|
|
388
|
+
| `tls_sni` | SNI-adfaerdstest — standardcertifikat vs. anmodet vaertsnavn |
|
|
389
|
+
| `tls_ct_logs` | Certificate Transparency-logopslag via crt.sh |
|
|
390
|
+
| `tls_ocsp` | OCSP-stapling og tilbagekaldelsesstatustjek |
|
|
391
|
+
|
|
392
|
+
</details>
|
|
393
|
+
|
|
394
|
+
<details>
|
|
395
|
+
<summary><b>scan_dns — DNS-efterretning (7 teknikker)</b></summary>
|
|
396
|
+
|
|
397
|
+
| Parameter | Type | Beskrivelse |
|
|
398
|
+
|-----------|------|-------------|
|
|
399
|
+
| `domain` | string | Maldomaene |
|
|
400
|
+
|
|
401
|
+
| Teknik | Beskrivelse |
|
|
402
|
+
|--------|-------------|
|
|
403
|
+
| `dns_records` | Fuld postoptaelling — A, AAAA, MX, NS, TXT, CNAME, SOA |
|
|
404
|
+
| `dns_email_auth` | SPF-, DKIM- og DMARC-postanalyse |
|
|
405
|
+
| `dns_saas` | SaaS/servicedetektion via CNAME- og MX-monstre (Slack, Zendesk osv.) |
|
|
406
|
+
| `dns_server` | DNS-serverfingerprinting (BIND, PowerDNS, Cloudflare osv.) |
|
|
407
|
+
| `dns_takeover` | Underdomaene-overtagelsesdetektion via dinglende CNAME-analyse |
|
|
408
|
+
| `dns_zone` | Zoneoverforselsforsoeg (AXFR) |
|
|
409
|
+
| `dns_caa` | CAA-postanalyse for certifikatmyndighedsrestriktioner |
|
|
410
|
+
|
|
411
|
+
</details>
|
|
412
|
+
|
|
413
|
+
<details>
|
|
414
|
+
<summary><b>scan_http — HTTP/web-fingerprinting (29 teknikker)</b></summary>
|
|
415
|
+
|
|
416
|
+
| Parameter | Type | Beskrivelse |
|
|
417
|
+
|-----------|------|-------------|
|
|
418
|
+
| `url` | string | Mal-URL |
|
|
419
|
+
|
|
420
|
+
| Teknik | Udbyder | Beskrivelse |
|
|
421
|
+
|--------|---------|-------------|
|
|
422
|
+
| `http_headers` | HTTP | Svarheaderanalyse og serveridentifikation |
|
|
423
|
+
| `http_header_order` | HTTP | Header-rae kkefoelge-fingerprint (serversoftwaresignatur) |
|
|
424
|
+
| `http_security_headers` | HTTP | Sikkerhedsheaderaudit (CSP, HSTS, X-Frame-Options osv.) |
|
|
425
|
+
| `http_cookies` | HTTP | Cookieanalyse — flag, praefikser, frameworkdetektion |
|
|
426
|
+
| `http_methods` | HTTP | Tilladte HTTP-metodeoptaelling (OPTIONS) |
|
|
427
|
+
| `http_cors` | HTTP | CORS-politikanalyse og fejlkonfigurationsdetektion |
|
|
428
|
+
| `http_compression` | HTTP | Understoettede komprimeringsalgoritmer (gzip, br, zstd) |
|
|
429
|
+
| `http_caching` | HTTP | Cache-headeranalyse (CDN, reverse proxy-detektion) |
|
|
430
|
+
| `http_etag` | HTTP | ETag-formatanalyse til backendidentifikation |
|
|
431
|
+
| `http_error` | HTTP | Fejlsidefingerprinting (brugerdefinerede vs. standardfejlsider) |
|
|
432
|
+
| `http_redirect` | HTTP | Omdirigeringskaedeanalyse |
|
|
433
|
+
| `http_timing` | HTTP | Svartimingbaseline til serverydelsesprofilering |
|
|
434
|
+
| `http_favicon` | HTTP | Favicon-hash (MurmurHash3) til teknologiidentifikation |
|
|
435
|
+
| `http_robots` | HTTP | robots.txt-parsing og ekstraktion af forbudte stier |
|
|
436
|
+
| `http_sitemap` | HTTP | Sitemap-opdagelse og URL-ekstraktion |
|
|
437
|
+
| `http_wellknown` | HTTP | .well-known-endpunktsopdagelse (security.txt, openid osv.) |
|
|
438
|
+
| `web_tech` | Web | Teknologidetektion via HTML/JS/CSS-monstre |
|
|
439
|
+
| `web_analytics` | Web | Analyse- og sporingsservicedetektion |
|
|
440
|
+
| `web_sourcemaps` | Web | Source map-filopdagelse |
|
|
441
|
+
| `web_websocket` | Web | WebSocket-endpunktsdetektion |
|
|
442
|
+
| `web_graphql` | Web | GraphQL-endpunktsdetektion og introspektion |
|
|
443
|
+
| `web_spa` | Web | Single-page applikations-frameworkdetektion |
|
|
444
|
+
| `web_cdn` | Web | CDN-detektion via svarheadere og DNS |
|
|
445
|
+
| `web_meta` | Web | HTML-metatagsanalyse (generator, framework-hints) |
|
|
446
|
+
| `web_feed` | Web | RSS/Atom-feedopdagelse |
|
|
447
|
+
| `h2_detect` | HTTP/2 | HTTP/2-protokolunderstoettelsesdetektion |
|
|
448
|
+
| `h2_fingerprint` | HTTP/2 | HTTP/2-serverfingerprinting (SETTINGS, WINDOW_UPDATE) |
|
|
449
|
+
| `h2_h3` | HTTP/2 | HTTP/3 (QUIC)-understottelsesdetektion via Alt-Svc-header |
|
|
450
|
+
| `app_cms` | Application | CMS-detektion (WordPress, Drupal, Joomla osv.) |
|
|
451
|
+
|
|
452
|
+
</details>
|
|
453
|
+
|
|
454
|
+
<details>
|
|
455
|
+
<summary><b>scan_paths — Stiefterretning (5 teknikker)</b></summary>
|
|
456
|
+
|
|
457
|
+
| Parameter | Type | Beskrivelse |
|
|
458
|
+
|-----------|------|-------------|
|
|
459
|
+
| `url` | string | Mal-URL |
|
|
460
|
+
| `categories` | string[] | Valgfri — kategorier at tjekke (sensitive, git, debug, api, config) |
|
|
461
|
+
|
|
462
|
+
| Teknik | Beskrivelse |
|
|
463
|
+
|--------|-------------|
|
|
464
|
+
| `path_sensitive` | Opdagelse af folsomme filer (backupfiler, konfigurationsfiler, databasedumps) |
|
|
465
|
+
| `path_robots` | robots.txt- og sitemap.xml-analyse for skjulte stier |
|
|
466
|
+
| `path_git` | Git-repositorylaekdetektion (.git/HEAD, .git/config) |
|
|
467
|
+
| `path_debug` | Debugendpunktsopdagelse (phpinfo, server-status, debugkonsoller) |
|
|
468
|
+
| `path_api` | API-version og dokumentationsendpunktsopdagelse |
|
|
469
|
+
|
|
470
|
+
</details>
|
|
471
|
+
|
|
472
|
+
<details>
|
|
473
|
+
<summary><b>scan_waf — WAF/CDN-detektion og fingerprinting (4 teknikker)</b></summary>
|
|
474
|
+
|
|
475
|
+
| Parameter | Type | Beskrivelse |
|
|
476
|
+
|-----------|------|-------------|
|
|
477
|
+
| `url` | string | Mal-URL |
|
|
478
|
+
|
|
479
|
+
| Teknik | Beskrivelse |
|
|
480
|
+
|--------|-------------|
|
|
481
|
+
| `waf_detect` | WAF-tilstedevaerelsedetektionen via svarheader- og adfaerdsanalyse |
|
|
482
|
+
| `waf_cdn` | CDN-udbyderidentifikation (Cloudflare, Akamai, Fastly osv.) |
|
|
483
|
+
| `waf_fingerprint` | WAF-produktidentifikation og versionsdetektion |
|
|
484
|
+
| `waf_origin` | Oprindelse-IP-opdagelse bag WAF/CDN (kraever `SECURITYTRAILS_API_KEY`) |
|
|
485
|
+
|
|
486
|
+
</details>
|
|
487
|
+
|
|
488
|
+
<details>
|
|
489
|
+
<summary><b>scan_services — Serviceniveausondering (12 teknikker)</b></summary>
|
|
490
|
+
|
|
491
|
+
| Parameter | Type | Beskrivelse |
|
|
492
|
+
|-----------|------|-------------|
|
|
493
|
+
| `host` | string | Malvaert (IP eller domaene) |
|
|
494
|
+
| `ports` | number[] | Valgfri — specifikke porte at sondere |
|
|
495
|
+
| `service` | string | Valgfri — specifik service at sondere (mysql, postgres, redis, ftp, ssh, smtp, vnc, iot) |
|
|
496
|
+
|
|
497
|
+
| Teknik | Udbyder | Beskrivelse |
|
|
498
|
+
|--------|---------|-------------|
|
|
499
|
+
| `ssh_probe` | SSH | SSH-protokolversion og softwaaredetektion |
|
|
500
|
+
| `ssh_algorithms` | SSH | SSH-algoritmeaudit (KEX, ciphers, MAC'er, vaertsnogletyper) |
|
|
501
|
+
| `ssh_hostkey_lookup` | SSH | SSH-vaertsnogleopslag via Shodan (kraever `SHODAN_API_KEY`) |
|
|
502
|
+
| `svc_mysql` | Service | MySQL-versionsdetektion og kapabilitetsfingerprinting |
|
|
503
|
+
| `svc_postgres` | Service | PostgreSQL-versionsdetektion og SSL-understo ttelsetjek |
|
|
504
|
+
| `svc_redis` | Service | Redis-versionsdetektion og godkendelsesstatus |
|
|
505
|
+
| `svc_ftp` | Service | FTP-banneranalyse og anonymt logintjek |
|
|
506
|
+
| `svc_vnc_rdp` | Service | VNC/RDP-servicedetektion og sikkerhedsvurdering |
|
|
507
|
+
| `smtp_banner` | SMTP | SMTP-banneranalyse og MTA-identifikation |
|
|
508
|
+
| `smtp_starttls` | SMTP | SMTP STARTTLS-understoettelse og certifikatinspektion |
|
|
509
|
+
| `iot_detect` | IoT | IoT-enhedsdetektion via bannermonstre og standardsider |
|
|
510
|
+
| `iot_upnp` | IoT | UPnP/SSDP-enhedsopdagelse pa lokalt netvaerk |
|
|
511
|
+
|
|
512
|
+
</details>
|
|
513
|
+
|
|
514
|
+
<details>
|
|
515
|
+
<summary><b>enumerate — Omfangsudvidelse (8 teknikker)</b></summary>
|
|
516
|
+
|
|
517
|
+
| Parameter | Type | Beskrivelse |
|
|
518
|
+
|-----------|------|-------------|
|
|
519
|
+
| `domain` | string | Maldomaene |
|
|
520
|
+
|
|
521
|
+
| Teknik | Beskrivelse |
|
|
522
|
+
|--------|-------------|
|
|
523
|
+
| `enum_subdomains` | Underdomaeneoptaelling via flere metoder |
|
|
524
|
+
| `enum_wildcard` | Wildcard-DNS-detektion |
|
|
525
|
+
| `enum_tld` | TLD-udvidelse (target.com -> target.net, target.org osv.) |
|
|
526
|
+
| `enum_related` | Relateret domaeneopdagelse via delt infrastruktur |
|
|
527
|
+
| `enum_asn` | ASN-naboopdagelse — andre domaener pa samme netvaerk |
|
|
528
|
+
| `enum_ct` | Certificate Transparency-logunderdomaeneedstraktion |
|
|
529
|
+
| `enum_passive_dns` | Passiv DNS-historik (kraever `SECURITYTRAILS_API_KEY`) |
|
|
530
|
+
| `enum_scope` | Omfangsresume og angrebsoverfladeoverblik |
|
|
531
|
+
|
|
532
|
+
</details>
|
|
533
|
+
|
|
534
|
+
<details>
|
|
535
|
+
<summary><b>osint — OSINT-berigelse (6 teknikker)</b></summary>
|
|
536
|
+
|
|
537
|
+
| Parameter | Type | Beskrivelse |
|
|
538
|
+
|-----------|------|-------------|
|
|
539
|
+
| `target` | string | IP-adresse eller domaene at berige |
|
|
540
|
+
| `type` | `ip` \| `domain` | Valgfri — maltype (automatisk detekteret hvis udeladt) |
|
|
541
|
+
|
|
542
|
+
| Teknik | Auth | Beskrivelse |
|
|
543
|
+
|--------|------|-------------|
|
|
544
|
+
| `osint_shodan` | `SHODAN_API_KEY` | Shodan-vaertopslag — abne porte, bannere, sarbarheder, OS |
|
|
545
|
+
| `osint_censys` | `CENSYS_API_ID` + `CENSYS_API_SECRET` | Censys-vaertdata — services, TLS, autonomt system |
|
|
546
|
+
| `osint_reverse_ip` | Ingen | Omvendt IP-opslag — andre domaener pa samme IP |
|
|
547
|
+
| `osint_whois` | Ingen | WHOIS-registreringsdata — registrar, datoer, navneservere |
|
|
548
|
+
| `osint_webarchive` | Ingen | Web Archive-historik — forste/sidste snapshot, aendringsfrekvens |
|
|
549
|
+
| `osint_virustotal` | `VIRUSTOTAL_API_KEY` | VirusTotal domaene/IP-rapport — detektioner, kategorier, DNS |
|
|
550
|
+
|
|
551
|
+
</details>
|
|
552
|
+
|
|
553
|
+
<details>
|
|
554
|
+
<summary><b>analyze — Passiv fingerprintanalyse (3 tilstande)</b></summary>
|
|
555
|
+
|
|
556
|
+
| Parameter | Type | Beskrivelse |
|
|
557
|
+
|-----------|------|-------------|
|
|
558
|
+
| `type` | `headers` \| `html` \| `banner` | Type data at analysere |
|
|
559
|
+
| `data` | string | Ra data at analysere (indsaet headere, HTML eller banneroutput) |
|
|
560
|
+
|
|
561
|
+
| Tilstand | Beskrivelse |
|
|
562
|
+
|----------|-------------|
|
|
563
|
+
| `fp_analyze_headers` | Passiv HTTP-headeranalyse — server-, framework-, proxydetektion uden at sende trafik |
|
|
564
|
+
| `fp_analyze_html` | Passiv HTML-analyse — teknologidetektion, frameworkidentifikation fra kilde |
|
|
565
|
+
| `fp_analyze_banner` | Passiv banneranalyse — serviceidentifikation fra ra bannertekst |
|
|
566
|
+
|
|
567
|
+
</details>
|
|
568
|
+
|
|
569
|
+
<details>
|
|
570
|
+
<summary><b>correlate — Multi-signal korrelationsmotor (7 tilstande)</b></summary>
|
|
571
|
+
|
|
572
|
+
| Parameter | Type | Beskrivelse |
|
|
573
|
+
|-----------|------|-------------|
|
|
574
|
+
| `type` | `consistency` \| `honeypot` \| `spoofing` \| `compare` \| `topology` \| `c2` \| `identify` | Korrelationstilstand |
|
|
575
|
+
| `signals` | object | Fingerprintsignaler at korrelere (varierer efter tilstand) |
|
|
576
|
+
|
|
577
|
+
| Tilstand | Beskrivelse |
|
|
578
|
+
|----------|-------------|
|
|
579
|
+
| `fp_consistency` | Kryds-lag signalkonsistenstjek — stemmer TCP-, TLS-, HTTP- og DNS-fingerprints overens? |
|
|
580
|
+
| `fp_honeypot` | Honeypotdetektion — tjekker for umulige servicekombinationer og adfaerdsanomalier |
|
|
581
|
+
| `fp_spoofing` | Spoofingdetektion — identificerer uoverensstemmende serverheadere vs. faktisk adfaerd |
|
|
582
|
+
| `fp_compare` | Side-om-side sammenligning af to vaerters fingerprintprofiler |
|
|
583
|
+
| `fp_topology` | Infrastrukturtopologikortlaegning — CDN, load balancer, reverse proxy-kaede |
|
|
584
|
+
| `fp_c2` | C2-frameworkdetektion via JARM, TLS, HTTP og timingkorrelation |
|
|
585
|
+
| `fp_identify` | Hash-baseret identifikation mod kendt signaturdatabase |
|
|
586
|
+
|
|
587
|
+
</details>
|
|
588
|
+
|
|
589
|
+
<details>
|
|
590
|
+
<summary><b>meta — Serverkonfiguration og data (3 tilstande)</b></summary>
|
|
591
|
+
|
|
592
|
+
| Parameter | Type | Beskrivelse |
|
|
593
|
+
|-----------|------|-------------|
|
|
594
|
+
| `category` | string | Valgfri — filtrer efter kategori |
|
|
595
|
+
|
|
596
|
+
| Tilstand | Beskrivelse |
|
|
597
|
+
|----------|-------------|
|
|
598
|
+
| `fp_sources` | Liste over alle tilgaengelige datakilder med konfiguration og API-noglestatus |
|
|
599
|
+
| `fp_config` | Serverkonfiguration — version, indlaeste udbydere, teknikantal |
|
|
600
|
+
| `fp_signatures` | Signaturdatabaseliste — JARM-, banner-, WAF-, applikationssignaturer |
|
|
601
|
+
|
|
602
|
+
</details>
|
|
603
|
+
|
|
604
|
+
---
|
|
605
|
+
|
|
606
|
+
### CLI-brug
|
|
607
|
+
|
|
608
|
+
```bash
|
|
609
|
+
# List alle tilgaengelige vaerktojer og teknikker
|
|
610
|
+
npx fingerprint-mcp --list
|
|
611
|
+
|
|
612
|
+
# Koer et vilkarligt vaerktoj direkte
|
|
613
|
+
npx fingerprint-mcp --tool recon '{"url":"https://example.com","depth":"quick"}'
|
|
614
|
+
npx fingerprint-mcp --tool scan_tls '{"host":"example.com"}'
|
|
615
|
+
npx fingerprint-mcp --tool scan_ports '{"host":"10.0.1.50","ports":[22,80,443,3306,8080]}'
|
|
616
|
+
npx fingerprint-mcp --tool scan_dns '{"domain":"example.com"}'
|
|
617
|
+
npx fingerprint-mcp --tool scan_http '{"url":"https://example.com"}'
|
|
618
|
+
npx fingerprint-mcp --tool scan_waf '{"url":"https://example.com"}'
|
|
619
|
+
npx fingerprint-mcp --tool scan_services '{"host":"10.0.1.50","service":"redis"}'
|
|
620
|
+
npx fingerprint-mcp --tool enumerate '{"domain":"example.com"}'
|
|
621
|
+
npx fingerprint-mcp --tool analyze '{"type":"headers","data":"Server: nginx/1.24.0\nX-Powered-By: Express"}'
|
|
622
|
+
npx fingerprint-mcp --tool correlate '{"type":"honeypot","signals":{"jarm":"...","banner":"..."}}'
|
|
623
|
+
npx fingerprint-mcp --tool meta '{}'
|
|
624
|
+
|
|
625
|
+
# OSINT-vaerktojer (kraever API-noegler)
|
|
626
|
+
SHODAN_API_KEY=your-key npx fingerprint-mcp --tool osint '{"target":"203.0.113.42","type":"ip"}'
|
|
627
|
+
```
|
|
628
|
+
|
|
629
|
+
---
|
|
630
|
+
|
|
631
|
+
## Datakilder (21)
|
|
632
|
+
|
|
633
|
+
| Kilde | Auth | Hvad den giver |
|
|
634
|
+
|-------|------|----------------|
|
|
635
|
+
| TCP-sondering | Ingen | Portscanning, banneropsamling, servicedetektion |
|
|
636
|
+
| TLS/SSL-analyse | Ingen | Certifikatparsing, JARM-fingerprinting, JA4X, cipheroptaelling, SNI-test |
|
|
637
|
+
| SSH-sondering | Ingen | Protokolversion, algoritmeaudit, softwaredetektion |
|
|
638
|
+
| HTTP-analyse | Ingen | Headerfingerprinting, favicon-hashing, cookieanalyse, metodeoptaelling, CORS |
|
|
639
|
+
| Webdetektion | Ingen | Teknologidetektion, analytics, source maps, WebSocket, GraphQL, SPA-frameworks |
|
|
640
|
+
| Stiopdagelse | Ingen | Folsomme filer, git-laek, debugendpunkter, API-versioner, robots.txt |
|
|
641
|
+
| DNS-oplosning | Ingen | Postoptaelling, e-mail-auth-analyse, SaaS-detektion, serverfingerprinting |
|
|
642
|
+
| WAF/CDN-detektion | Ingen | WAF-identifikation, CDN-detektion, WAF-fingerprinting |
|
|
643
|
+
| Timinganalyse | Ingen | Svartimingbaseline, urafvigelsesdetektion |
|
|
644
|
+
| HTTP/2 og HTTP/3 | Ingen | HTTP/2-detektion og fingerprinting, HTTP/3 Alt-Svc-opdagelse |
|
|
645
|
+
| SMTP-sondering | Ingen | SMTP-banneranalyse, STARTTLS-inspektion |
|
|
646
|
+
| IoT/Embedded | Ingen | IoT-enhedsdetektion, UPnP/SSDP-opdagelse |
|
|
647
|
+
| Applikationsdetektion | Ingen | CMS-, framework- og e-handelsplatformidentifikation |
|
|
648
|
+
| Servicesondering | Ingen | MySQL, PostgreSQL, Redis, FTP, VNC/RDP-fingerprinting |
|
|
649
|
+
| Infrastrukturdetektion | Ingen | Cloudprovider-, hostingprovider-, CDN-identifikation |
|
|
650
|
+
| Korrelationsmotor | Ingen | Signalkonsistens, honeypotdetektion, spoofingdetektion, topologikortlaegning |
|
|
651
|
+
| Identifikationsmotor | Ingen | Hash-baseret identifikation, C2-detektion, signaturmatchning |
|
|
652
|
+
| [Shodan](https://www.shodan.io) | `SHODAN_API_KEY` | Vaertefterretning — abne porte, bannere, sarbarheder, OS-detektion |
|
|
653
|
+
| [Censys](https://censys.io) | `CENSYS_API_ID` | Vaertdata — services, TLS-certifikater, autonomt systeminfo |
|
|
654
|
+
| [SecurityTrails](https://securitytrails.com) | `SECURITYTRAILS_API_KEY` | WAF-oprindelsesopdagelse, passiv DNS-historik, historiske poster |
|
|
655
|
+
| [VirusTotal](https://www.virustotal.com) | `VIRUSTOTAL_API_KEY` | Domaene/IP-omdoemme, detektionsresultater, DNS-historik, kategorier |
|
|
656
|
+
|
|
657
|
+
---
|
|
658
|
+
|
|
659
|
+
## Arkitektur
|
|
660
|
+
|
|
661
|
+
```
|
|
662
|
+
src/
|
|
663
|
+
index.ts # CLI-indgangspunkt (--help, --list, --tool, stdio-server)
|
|
664
|
+
protocol/
|
|
665
|
+
mcp-server.ts # MCP-serveropsaetning (stdio-transport)
|
|
666
|
+
tools.ts # Vaerktoejsregister — alle 13 sammensatte vaerktojer registreret her
|
|
667
|
+
types/
|
|
668
|
+
index.ts # Delte typer (ToolDef, ToolContext, ToolResult)
|
|
669
|
+
utils/
|
|
670
|
+
rate-limiter.ts # Rate limiter per udbyder
|
|
671
|
+
cache.ts # TTL-cache til API-svar
|
|
672
|
+
require-key.ts # API-noglevalideringshelper
|
|
673
|
+
murmurhash3.ts # MurmurHash3 til favicon-hashing
|
|
674
|
+
composite/ # 13 sammensatte vaerktoejsorkestrorer
|
|
675
|
+
recon.ts # Fuld rekognosceringsorkestrorer (quick/standard/deep)
|
|
676
|
+
scan-ports.ts # Portscanning sammensat
|
|
677
|
+
scan-tls.ts # TLS-analyse sammensat
|
|
678
|
+
scan-dns.ts # DNS-efterretning sammensat
|
|
679
|
+
scan-http.ts # HTTP-fingerprinting sammensat
|
|
680
|
+
scan-paths.ts # Stiopdagelse sammensat
|
|
681
|
+
scan-waf.ts # WAF/CDN-detektion sammensat
|
|
682
|
+
scan-services.ts # Servicesondering sammensat
|
|
683
|
+
analyze.ts # Passiv analyse sammensat
|
|
684
|
+
correlate.ts # Korrelationsmotor sammensat
|
|
685
|
+
enumerate.ts # Omfangsudvidelse sammensat
|
|
686
|
+
osint.ts # OSINT-berigelse sammensat
|
|
687
|
+
meta.ts # Server-meta sammensat
|
|
688
|
+
helpers.ts # Delte sammensatte hjelpere
|
|
689
|
+
tcp/ # TCP-sonderingsteknikker (3)
|
|
690
|
+
tls/ # TLS/SSL-analyseteknikker (8)
|
|
691
|
+
ssh/ # SSH-sonderingsteknikker (3)
|
|
692
|
+
http/ # HTTP-fingerprintingteknikker (16)
|
|
693
|
+
web/ # Webteknologidetektionsteknikker (9)
|
|
694
|
+
path/ # Stiopdagelsesteknikker (5)
|
|
695
|
+
dns/ # DNS-efterretningsteknikker (7)
|
|
696
|
+
waf/ # WAF/CDN-detektionsteknikker (4)
|
|
697
|
+
timing/ # Timinganalyseteknikker (2)
|
|
698
|
+
h2/ # HTTP/2 og HTTP/3-teknikker (3)
|
|
699
|
+
smtp/ # SMTP-sonderingsteknikker (2)
|
|
700
|
+
iot/ # IoT/embedded-detektionsteknikker (2)
|
|
701
|
+
app/ # Applikationsdetektionsteknikker (3)
|
|
702
|
+
service/ # Servicesonderingsteknikker (5)
|
|
703
|
+
infra/ # Infrastrukturdetektionsteknikker (3)
|
|
704
|
+
correlation/ # Korrelationsmotor (5)
|
|
705
|
+
identify/ # Identifikationsmotor (3)
|
|
706
|
+
passive/ # Passiv analyse (3)
|
|
707
|
+
osint/ # OSINT-berigelsesteknikker (6)
|
|
708
|
+
enum/ # Optaellingsteknikker (8)
|
|
709
|
+
meta/ # Metavaerktojer (3)
|
|
710
|
+
data/ # Signaturdatabaser og monsterbiblioteker
|
|
711
|
+
jarm-signatures.ts # Kendte JARM-fingerprints (C2, servere, CDN'er)
|
|
712
|
+
waf-signatures.ts # WAF-detektionssignaturer
|
|
713
|
+
service-banners.ts # Servicebannermonstre
|
|
714
|
+
tech-patterns.ts # Teknologidetektionsmonstre
|
|
715
|
+
favicon-hashes.ts # Kendte favicon MurmurHash3-vaerdier
|
|
716
|
+
c2-signatures.ts # C2-frameworksignaturer
|
|
717
|
+
... # 15+ signatur-/monsterdatabaser
|
|
718
|
+
```
|
|
719
|
+
|
|
720
|
+
**Designbeslutninger:**
|
|
721
|
+
|
|
722
|
+
- **13 sammensatte vaerktojer, 103 teknikker** — Agenten kalder hoejniveauvaerktojer (`recon`, `scan_tls`, `scan_http`). Hvert sammensat vaerktoj orkestrerer flere lavniveauteknikker og returnerer korrelerede resultater. Dette reducerer overhead for vaerktoejskald, mens granulariteten bevares.
|
|
723
|
+
- **21 udbydere, 1 server** — Hvert fingerprinting-lag er et uafhaengigt modul. Den sammensatte orkestrator vaelger teknikker baseret pa kontekst og dybde.
|
|
724
|
+
- **Aktiv forst, OSINT valgfri** — 80+ teknikker virker ved direkte at sondere malet uden nogen API-noegler. OSINT-udbydere (Shodan, Censys, VirusTotal, SecurityTrails) tilfojer berigelse, men er aldrig paakraevet.
|
|
725
|
+
- **Rate limiters per udbyder** — Hver udbyder har sin egen `RateLimiter`-instans. Aktiv sondering er hastighedsbegraenset for at undga detektion; OSINT API'er er kalibreret til deres kvoter.
|
|
726
|
+
- **TTL-caching** — DNS-poster (10min), OSINT-resultater (15min), CT-logfiler (30min) caches for at undga overflodige opslag under multi-vaerktoejs arbejdsgange.
|
|
727
|
+
- **Graceful degradation** — Manglende API-noegler crasher ikke serveren. OSINT-vaerktojer returnerer beskrivende meddelelser: "Indstil SHODAN_API_KEY for at aktivere Shodan-vaertopslag."
|
|
728
|
+
- **3 afhaengigheder** — `@modelcontextprotocol/sdk`, `zod` og `cheerio`. Alt netvaerks-I/O via native `fetch()` og Node.js `net`/`tls`/`dns`-moduler. Ingen nmap, ingen eksterne binaerer.
|
|
729
|
+
|
|
730
|
+
---
|
|
731
|
+
|
|
732
|
+
## Begraensninger
|
|
733
|
+
|
|
734
|
+
- OSINT-vaerktojer (Shodan, Censys, VirusTotal, SecurityTrails) kraever API-noegler til deres respektive teknikker
|
|
735
|
+
- Censys gratis niveau er begraenset til 250 forepoergsler/maned
|
|
736
|
+
- VirusTotal gratis niveau er begraenset til 500 forepoergsler/dag
|
|
737
|
+
- Portscanning bruger TCP connect (ikke SYN-scanning) — mindre diskret end nmap, men kraever ingen root-privilegier
|
|
738
|
+
- JARM-fingerprinting kraever direkte TCP-adgang til malet (kan vaere blokeret af firewalls)
|
|
739
|
+
- UPnP/SSDP-opdagelse virker kun pa lokale netvaerk
|
|
740
|
+
- Servicesondering (MySQL, PostgreSQL, Redis) forbinder, men autentificerer ikke
|
|
741
|
+
- Underdomaeneoptaelling er baseret pa CT-logfiler og passive kilder (ingen brute-force)
|
|
742
|
+
- macOS / Linux testet (Windows ikke testet)
|
|
743
|
+
|
|
744
|
+
---
|
|
745
|
+
|
|
746
|
+
## Del af MCP-sikkerhedspakken
|
|
747
|
+
|
|
748
|
+
| Projekt | Domaene | Vaerktojer |
|
|
749
|
+
|---------|---------|------------|
|
|
750
|
+
| [hackbrowser-mcp](https://github.com/badchars/hackbrowser-mcp) | Browserbaseret sikkerhedstest | 39 vaerktojer, Firefox, injektionstest |
|
|
751
|
+
| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp) | Cloudsikkerhed (AWS/Azure/GCP) | 38 vaerktojer, 60+ tjek |
|
|
752
|
+
| [github-security-mcp](https://github.com/badchars/github-security-mcp) | GitHub sikkerhedsposition | 39 vaerktojer, 45 tjek |
|
|
753
|
+
| [cve-mcp](https://github.com/badchars/cve-mcp) | Sarbarhedsefterretning | 23 vaerktojer, 5 kilder |
|
|
754
|
+
| [osint-mcp-server](https://github.com/badchars/osint-mcp-server) | OSINT og rekognoscering | 37 vaerktojer, 12 kilder |
|
|
755
|
+
| [darknet-mcp-server](https://github.com/badchars/darknet-mcp-server) | Dark web og trusselefterretning | 66 vaerktojer, 16 kilder |
|
|
756
|
+
| **fingerprint-mcp** | **Universel digital fingerprinting** | **13 vaerktojer, 103 teknikker, 21 udbydere** |
|
|
757
|
+
|
|
758
|
+
---
|
|
759
|
+
|
|
760
|
+
<p align="center">
|
|
761
|
+
<b>Kun til autoriseret sikkerhedstest og vurdering.</b><br>
|
|
762
|
+
Soerg altid for at have korrekt autorisation, for du udforer fingerprinting pa et mal.
|
|
763
|
+
</p>
|
|
764
|
+
|
|
765
|
+
<p align="center">
|
|
766
|
+
<a href="LICENSE">AGPL-3.0-licens</a> • Bygget med Bun + TypeScript
|
|
767
|
+
</p>
|